import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.*;

import javax.servlet.http.HttpSession;

@RestController
@RequestMapping("/api")
public class UserController {

    @Role(value = Role.GUEST)
    @PostMapping("/login")
    public ResponseEntity<Void> login(@RequestParam String username, @RequestParam String password, HttpSession session) {
        if ("admin".equals(username) && "admin123".equals(password)) {
            session.setAttribute("role", Role.ADMIN);
            return ResponseEntity.ok().build();
        } else if ("user".equals(username) && "user123".equals(password)) {
            session.setAttribute("role", Role.USER);
            return ResponseEntity.ok().build();
        } else {
            return ResponseEntity.status(401).build();
        }
    }

    @Role(value = Role.USER)
    @GetMapping("/user")
    public ResponseEntity<Void> getUser(@RequestParam String id) {
        return ResponseEntity.ok().build();
    }

    @Role(value = Role.ADMIN)
    @DeleteMapping("/user")
    public ResponseEntity<Void> deleteUser(@RequestParam String id) {
        return ResponseEntity.ok().build();
    }
}
